What's the best way to root out a promiscious sniffer like WireShark? Are there any specific packet types that it spits out I can search for? I'd love suggestions for specific anti-sniffing tools to help better lock down our network.
Thanks

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States.
Privacy

Processing your response...

Discuss This Question: 4 &nbspReplies

There was an error processing your information. Please try again later.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States.
Privacy

It is not an easy task indeed. But i would definetly start out with Trafscrambler – Anti-sniffer/IDS Tool. I have made a presentation to large audience in a hacker event here in Brazil and proved to be one effective tool, not the definitive tool tough. Check some of its features:
Features
◦Injection of packets with bogus data and with randomly selected bad TCP cksum or bad TCP sequences
◦Userland binary(tsctrl) for controlling trafscrambler NKE
◦SYN decoy – sends out number of SYN pkts before the original SYN pkt
◦TCP reset attack – sends out RST/FIN pkt with bad sequence
◦Pre-connection SYN – sends out SYN with wrong TCP-checksum
◦Post-connection SYN – sends out fake SYN after connection establishment
◦Zero Window – send out pkt with “0” window set
download link http://en.roolz.org/files/soft/trafscrambler-0.2.tgz

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States.
Privacy

Processing your reply...

Ask a Question

Free Guide: Managing storage for virtual environments

Complete a brief survey to get a complimentary 70-page whitepaper featuring the best methods and solutions for your virtual environment, as well as hypervisor-specific management advice from TechTarget experts. Don’t miss out on this exclusive content!

To follow this tag...

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States.
Privacy